Infinite Loop —

A power user’s guide to OS X Server, Mavericks edition

File sharing

As ever, the File Sharing service in Mavericks is an extension of the file-sharing features in the client version of OS X, adding WebDAV support and more robust permissions management to the existing Apple File-sharing Protocol (AFP) and Server Message Block (SMB) protocols supported by the client version of the operating system. You can also add custom greetings to your AFP share points here, and you can view the IP addresses, protocols, and usernames of all users connected to one of your share points.

After enabling the service, the system will create a number of default share points, all of which can be edited or deleted as needed. Click the plus button to add a new volume or folder as an additional share point, and then click the Settings button and "Edit share point" to adjust the permissions on the share. You can grant users read-only access, read and write access, or no access; allow or disallow guest access for a particular share; and choose to make certain shares available for the roaming user profiles that we touched upon earlier.

The biggest change to the File Sharing service this time around is so subtle on its service that you might miss it if you don't use OS X Server all the time: as we reported several months ago, Apple has announced its intention to move away from the AFP protocol, opting instead to use SMB as the default file-sharing protocol for OS X. In Mavericks Server, visible evidence of this shift includes the fact that the SMB protocol is now the first in the list of options when you're setting up a share and that some AFP-only features like the ability to send messages to connected users are now gone. AFP is still there (and Apple is still willing to improve it if need be, as we've seen in our coverage of OS X's now-resolved 802.11ac problems) and it's not likely to go away soon, but it will likely become less and less of a priority for Apple as time goes on.

OS X's SMB implementation has also been upgraded to SMB2, a newer version of the protocol introduced in Windows Vista and improved upon and upgraded further in later versions of Windows. SMB2 was designed in part to reduce the amount of overhead required to transfer files and to make server-client connections more robust. We've already seen how drastically SMB file transfers have improved since 10.8.5 over 802.11ac, but are there any differences when transferring files over wired Ethernet?

To test, we hooked one 10.8.5 server, one 10.9.0 server, and one 10.9.0 client up to a router with gigabit Ethernet cables. We ran two different tests—one copying a single large 3.6GB file from each server to the client, and one copying 6.4GB folder of 3,530 images from each server to the client.

The performance improvements are impressive. Copying large files was about 54 percent quicker in Mavericks, while copying smaller files was about 36.5 percent faster. As long as all of the computers on your network have been upgraded to Mavericks, your SMB transfer performance in OS X should be much better than it was, and after years of lagging behind, it's nice to see that the performance gap between SMB and AFP has been all but eliminated.

WebDAV sharing works the same way it did in Mountain Lion, and it's still quite persnickety about who can use it and how WebDAV shares are accessed. Most notably, the service will only allow Open Directory users, not users local to your server, to access WebDAV shares. You'll also need the precise URL for every share point you'd like to access; the format is http(s):///webdav/. Once I was doing all of these things properly, I was able to connect to my WebDAV shares from both OS X and Pages and copy some documents back and forth.

If you're a home user who wants to make your files available over the Internet (or if you'd like to make any of your services available when you're away from your home network), you'll probably need to configure port forwarding on your router, and to make things easier you'll probably also want a DNS name to go with your IP address (since the address used to reach your network from the Internet sometimes changes for most home users). Portforward.com keeps excellent guides for configuring port forwarding on a wide range of routers, and services like DynDNS offer DNS services for home Internet users.

FTP and SFTP

FTP sharing isn't part of the core File Sharing service, though it is sort of tied to it. The FTP service in OS X Server can be used to share one of your AFP or SMB shares from the File Sharing service or one of the sites you've configured with the Websites service, or you can elect to create a custom standalone share. However, you can only have one FTP share point configured at a time, making it a poor choice if you're serving several sites you'd like to access via FTP.

Remember, there's no security inherent to the FTP protocol, and by default any data you send or receive from an FTP share point will be unencrypted. If you'd like to enable encrypted SFTP transfers instead, enable remote login using SSH from your server's settings as shown above. You can also do this from within System Preferences on the server. Go to Sharing and enable Remote Login, which will enable SFTP along with the SSH remote login service. Enabling SSH enables SFTP—there's no way to have one without the other, and there's no way to serve standard FTP with SSH enabled.